Hi,
I'm developing a plugin for vSphere html client(build number 6.5.0.20000). I want to add a entry in the global object navigator, and limit the access to vCenter user who has privilege Global.Licenses(just for example here). Sample plug-in.xml below. I login with vCenter administrator which has all privileges, but when access it, H5 client shows "You have no privileges to view this object or it does not exist.". It works if i remove the privilege metadata. This issue blocks the implementation of privilege control for the extension. Is it a H5 client defect? It would be appreciated if you can shade some light on this asap, tks.
Hi,
This is a known issue which we have already addressed in 6.7U1 release of the vSphere Client.
You can see the exact same problem being present in the "Resolved Issues" section of the vSphere Client SDK 6.7 Update 1 Release Notes (https://code.vmware.com/web/sdk/67/client - bottom of the page)
Best Regards,
Denis
Thanks Denis, I test it on vCenter 6.7 U1 below:
1) vSphere HTML Client version 6.7.0.20000,
2) build number : The binary i used is VMware-VCSA-all-6.7.0-10244745 .iso, but after installation, build number on HTML client shows 10244857
Unfortunately, it still doesn't work with the HTML client. It shows the same error msg "You have no privileges to view this object or it does not exist.", could you advise what further action i can take?
Hi,
Thank you for the feedback.
Please make sure you are adding the <privilege> tag only to the global view and not to the entry in the object navigator. As per the documentation "Filtering by privilege is not supported for shortcuts and Object Navigator extensions which should be always visible in the vSphere Client ".
In addition, is it possible to send us the full plugin.xml and reproduce the problem with the HTML Sample plugin (present in the vSphere Client SDK .zip) so that we can investigate further.
Best Regards,
Denis
Thanks for your advise. I tried the html-sample, it works!!
After comparing with our plugin, the difference is it use <contentSpec> to load the page while i use <componentClass className="com.vmware.vsphere.client.htmlbridge.HtmlView">.
So i updated plugin.xml (Attached) of the html-samle to use the htmlbridge instead, then when access the welcome page, the error msg shows up again. If remove the privilege, it can show the page correctly.
Pls advise whether <contentSpec> is the suggested way for html plug-in? i switch to use it instead of the htmlbridge in our plugin, it works.
Yes, <contentSpec> is the recommended way for developing html plugins.
You can find examples in the vSphere Client SDK Documentation. See Developing Local Plug-ins with the vSphere Client SDK
Regards,
Denis
Thanks for your quick response, Denis. Does vmware has the plan to fix this for vSphere 6.5? Though we have a Flex plug-in which can support v6.5, but we want to deprecate it after releasing the H5 plug-in. Privilege control is a must for security, it will be a big gap if the H5 plug-in cann't support v6.5 due to the issue.
Yes, the <privilege> filtering will be supported in vSphere 6.5 releases.
In fact, we have already ported the fix in vSphere 6.5 codebase, however, it is not present in the latest release (6.5U2d).
Expect the issue to be fixed in a next vSphere 6.5 release.
That's really a good news, appreciate your support.